OpenCloudOS-Kernel/kernel/cgroup
Tejun Heo e574576416 cgroup: Use open-time cgroup namespace for process migration perm checks
cgroup process migration permission checks are performed at write time as
whether a given operation is allowed or not is dependent on the content of
the write - the PID. This currently uses current's cgroup namespace which is
a potential security weakness as it may allow scenarios where a less
privileged process tricks a more privileged one into writing into a fd that
it created.

This patch makes cgroup remember the cgroup namespace at the time of open
and uses it for migration permission checks instad of current's. Note that
this only applies to cgroup2 as cgroup1 doesn't have namespace support.

This also fixes a use-after-free bug on cgroupns reported in

 https://lore.kernel.org/r/00000000000048c15c05d0083397@google.com

Note that backporting this fix also requires the preceding patch.

Reported-by: "Eric W. Biederman" <ebiederm@xmission.com>
Suggested-by: Linus Torvalds <torvalds@linuxfoundation.org>
Cc: Michal Koutný <mkoutny@suse.com>
Cc: Oleg Nesterov <oleg@redhat.com>
Reviewed-by: Michal Koutný <mkoutny@suse.com>
Reported-by: syzbot+50f5cf33a284ce738b62@syzkaller.appspotmail.com
Link: https://lore.kernel.org/r/00000000000048c15c05d0083397@google.com
Fixes: 5136f6365c ("cgroup: implement "nsdelegate" mount option")
Signed-off-by: Tejun Heo <tj@kernel.org>
2022-01-06 11:02:29 -10:00
..
Makefile cgroup: Add misc cgroup controller 2021-04-04 13:34:46 -04:00
cgroup-internal.h cgroup: Use open-time cgroup namespace for process migration perm checks 2022-01-06 11:02:29 -10:00
cgroup-v1.c cgroup: Allocate cgroup_file_ctx for kernfs_open_file->priv 2022-01-06 11:02:29 -10:00
cgroup.c cgroup: Use open-time cgroup namespace for process migration perm checks 2022-01-06 11:02:29 -10:00
cpuset.c mm/page_alloc: detect allocation forbidden by cpuset and bail out early 2021-11-06 13:30:38 -07:00
debug.c kernel: cgroup: fix misuse of %x 2019-05-06 08:47:48 -07:00
freezer.c cgroup: freezer: don't change task and cgroups status unnecessarily 2019-11-07 07:38:41 -08:00
legacy_freezer.c cgroup: rename freezer.c into legacy_freezer.c 2019-04-19 11:26:48 -07:00
misc.c misc_cgroup: remove error log to avoid log flood 2021-09-20 07:35:38 -10:00
namespace.c memcg: enable accounting for new namesapces and struct nsproxy 2021-09-03 09:58:12 -07:00
pids.c clone3: allow spawning processes into cgroups 2020-02-12 17:57:51 -05:00
rdma.c cgroup: fix spelling mistakes 2021-05-24 12:45:26 -04:00
rstat.c cgroup: Fix rootcg cpu.stat guest double counting 2021-11-01 06:47:08 -10:00